Wednesday, June 29th | 30 Sivan 5782

Subscribe
June 13, 2014 4:47 pm
3

Israeli IT Expert Identifies Gmail Flaw, Prevents Hackers From Capturing Email Addresses

avatar by Joshua Levitt

Israeli Prime Minister Netanyahu's Google Doodle. Source: P.M. Netanyahu / Facebook.

Israeli Prime Minister Netanyahu's Google Doodle. Source: P.M. Netanyahu / Facebook.

Israeli computers expert Oren Hafif was featured this week in Wired Magazine and the Daily Mail for helping to save users of Google’s Gmail program from being exposed to hackers.

On his blog, Hafif explained how a sharing feature of Gmail allows a user to ‘delegate’ access to their account.

By adjusting the web address, Hafif found it was possible to reveal other users’ email addresses. By automating the character changes with a software program called DirBuster, he was able to collect 37,000 Gmail addresses in two hours.

Hafif said the flaw could have left users vulnerable to spam, phishing or password-guessing attacks, but it would not have exposed their passwords.

Hafif, a Tel Aviv-based penetration tester for security firm Trustwave, said it took Google another month after his report to fix the bug. He was paid $500 for the tip.

Share this Story: Share On Facebook Share On Twitter

Let your voice be heard!

Join the Algemeiner

Algemeiner.com

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.